IBM DOORS Next Generation( DNG/RRC) is vulnerable to an undisclosed cross-site scripting attack. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.